Firewall Wizards mailing list archives
Radius access from provider to internal MS ISA Server
From: Christoph Steigmeier <chris () haven hypernet ch>
Date: Thu, 4 Jul 2002 17:14:57 +0200 (CEST)
Hello Our network-engineers are planing a vpn. The access should be done through a selected local internet provider. The authentication for the ppp-connection to the provider should be authenticated using the chap protocol which is then forwarded from the isp's dialin to our radius server in our corporate network to validate uid/pw. After this the vpn-connection can be initialized through our vpn-gateways. My question: I am not sure if it is good to allow the providers radius-proxys to access our radiusservers (MS ISA) in our internal net without an additional radiusproxy in our dmz. Our engineers argument, that these will be expensive and pointless, because only the ip from the providers radius would be granted, and that dos- and spoofing protection on the firewalls is enough, and that an additional radiusproxy will not prohibit unauthorized use of the connection. I am also not so sure if it is a good thing to administrate both rights in one directory eg. Thank you Sincerely Chris _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Radius access from provider to internal MS ISA Server Christoph Steigmeier (Jul 04)
- Re: Radius access from provider to internal MS ISA Server Paul Robertson (Jul 04)
- RE: Radius access from provider to internal MS ISA Server Ben Nagy (Jul 05)
- RE: Radius access from provider to internal MS ISA Server Paul Robertson (Jul 05)
- Re: Radius access from provider to internal MS ISA Server Kyle R. Hofmann (Jul 05)
- Re: Radius access from provider to internal MS ISA Server Paul Robertson (Jul 05)
- RE: Radius access from provider to internal MS ISA Server Ben Nagy (Jul 07)
- RE: Radius access from provider to internal MS ISA Server Paul Robertson (Jul 07)
- RE: strong passwords (was Radius/MS ISA stuff) Ben Nagy (Jul 08)
- RE: strong passwords (was Radius/MS ISA stuff) Paul Robertson (Jul 08)
- Re: strong passwords (was Radius/MS ISA stuff) Barney Wolff (Jul 08)
- RE: Radius access from provider to internal MS ISA Server Ben Nagy (Jul 05)
- Re: Radius access from provider to internal MS ISA Server Paul Robertson (Jul 04)